Virtual Private Routed Network Service

Size: px
Start display at page:

Download "Virtual Private Routed Network Service"

Transcription

1 Virtual Private Routed Network Service In This Chapter This chapter provides information about the Virtual Private Routed Network (VPN) service and implementation notes. Topics in this chapter include: VPRN Service Overview on page 1465 VPRN Features on page 1483 IP Interfaces on page 1483 Object Grouping and State Monitoring on page 1494 Subscriber Interfaces on page 1496 SAPs on page 1497 QoS Policies on page 1498 Filter Policies on page 1498 DSCP Marking on page 1499 CE to PE Routing Protocols on page 1502 PE to PE Tunneling Mechanisms on page 1502 Per VRF Route Limiting on page 1502 Spoke SDPs on page 1503 Multicast in IP-VPN Applications on page 1509 Inter-AS VPRNs on page 1531 Carrier Supporting Carrier (CsC) on page 1534 Traffic Leaking to GRT on page 1541 Service Label Mode of a VPRN on page 1544 VPRN Off-Ramp on page SR OS Services Guide Page 1463

2 Configuring a VPRN Service with CLI on page 1557 Common Configuration Tasks on page 1560 Service Management Tasks on page 1581 Page SR OS Services Guide

3 Virtual Private Routed Network Services VPRN Service Overview RFC 2547b is an extension to the original RFC 2547, BGP/MPLS VPNs, which details a method of distributing routing information using BGP and MPLS forwarding data to provide a Layer 3 Virtual Private Network (VPN) service to end customers. Each Virtual Private Routed Network (VPRN) consists of a set of customer sites connected to one or more PE routers. Each associated PE router maintains a separate IP forwarding table for each VPRN. Additionally, the PE routers exchange the routing information configured or learned from all customer sites via MP-BGP peering. Each route exchanged via the MP-BGP protocol includes a Route Distinguisher (RD), which identifies the VPRN association and handles the possibility of IP address overlap. The service provider uses BGP to exchange the routes of a particular VPN among the PE routers that are attached to that VPN. This is done in a way which ensures that routes from different VPNs remain distinct and separate, even if two VPNs have an overlapping address space. The PE routers peer with locally connected CE routers and exchange routes with other PE routers in order to provide end-to-end connectivity between CEs belonging to a given VPN. Since the CE routers do not peer with each other there is no overlay visible to the CEs. When BGP distributes a VPN route, it also distributes an MPLS label for that route. On a SR- Series, the label distributed with a VPN route depends on the configured label-mode of the VPRN that is originating the route Before a customer data packet travels across the service provider's backbone, it is encapsulated with the MPLS label that corresponds, in the customer's VPN, to the route which best matches the packet's destination address. The MPLS packet is further encapsulated with one or additional MPLS labels or GRE tunnel header so that it gets tunneled across the backbone to the proper PE router. Each route exchanged by the MP-BGP protocol includes a route distinguisher (RD), which identifies the VPRN association. Thus the backbone core routers do not need to know the VPN routes. Figure 89 displays a VPRN network diagram example SR OS Services Guide Page 1465

4 VPRN Service Overview CE3 VPN:Red PE CE1 VPN:Red P P CE5 VPN:Red PE P IP/MPLS Cloud P PE CE2 VPN:Green PE CE6 VPN:Green CE4 VPN:Green Figure 89: Virtual Private Routed Network OSSG024 Page SR OS Services Guide

5 Virtual Private Routed Network Services Routing Prerequisites RFC4364 requires the following features: Multi-protocol extensions to BGP Extended BGP community support BGP capability negotiation Tunneling protocol options are as follows: Label Distribution Protocol (LDP) MPLS RSVP-TE tunnels Generic Router Encapsulation (GRE) tunnels BGP route tunnel (RFC3107) 7750 SR OS Services Guide Page 1467

6 VPRN Service Overview Core MP-BGP Support BGP is used with BGP extensions mentioned in Routing Prerequisites on page 1467 to distribute VPRN routing information across the service provider s network. BGP was initially designed to distribute IPv4 routing information. Therefore, multi-protocol extensions and the use of a VPN-IP address were created to extend BGP s ability to carry overlapping routing information. A VPN-IPv4 address is a 12-byte value consisting of the 8-byte route distinguisher (RD) and the 4-byte IPv4 IP address prefix. A VPN-IPv6 address is a 24-byte value consisting of the 8-byte RD and 16-byte IPv6 address prefix. Service providers typically assign one or a small number of RDs per VPN service network-wide. Page SR OS Services Guide

7 Virtual Private Routed Network Services Route Distinguishers The route distinguisher (RD) is an 8-byte value consisting of two major fields, the Type field and Value field. The Type field determines how the Value field should be interpreted. The 7750 SR OS implementation supports the three (3) Type values as defined in the standard. Type Field (2-bytes) Value Field (6-bytes) Figure 90: Route Distinguisher The three Type values are: Type 0: Value Field Administrator subfield (2 bytes) Assigned number subfield (4 bytes) The administrator field must contain an AS number (using private AS numbers is discouraged). The Assigned field contains a number assigned by the service provider. Type 1: Value Field Administrator subfield (4 bytes) Assigned number subfield (2 bytes) The administrator field must contain an IP address (using private IP address space is discouraged). The Assigned field contains a number assigned by the service provider. Type 2: Value Field Administrator subfield (4 bytes) Assigned number subfield (2 bytes) The administrator field must contain a 4-byte AS number (using private AS numbers is discouraged). The Assigned field contains a number assigned by the service provider. eibgp Load Balancing eibgp load balancing allows a route to have multiple nexthops of different types, using both IPv4 nexthops and MPLS LSPs simultaneously. Figure 91 displays a basic topology that could use eibgp load balancing. In this topology CE1 is dual homed and thus reachable by two separate PE routers. CE 2 (a site in the same VPRN) is also attached to PE1. With eibgp load balancing, PE1 will utilize its own local IPv4 nexthop as well as the route advertised by MP-BGP, by PE SR OS Services Guide Page 1469

8 VPRN Service Overview CE2 PE1 VRF IP/MPLS CE1 VRF PE2 al_0155 Figure 91: Basic eibgp Topology Another example displayed in Figure 92 shows an extra net VPRN (VRF). The traffic ingressing the PE that should be load balanced is part of a second VPRN and the route over which the load balancing is to occur is part of a separate VPRN instance and are leaked into the second VPRN by route policies. Here, both routes can have a source protocol of VPN-IPv4 but one will still have an IPv4 nexthop and the other can have a VPN-IPv4 nexthop pointing out a network interface. Traffic will still be load balanced (if eibgp is enabled) as if only a single VRF was involved. Page SR OS Services Guide

9 Virtual Private Routed Network Services CE2 PE1 VRF VRF IP/MPLS CE1 VRF PE2 al_0162 Figure 92: Extranet Load Balancing Traffic will be load balanced across both the IPv4 and VPN-IPv4 next hops. This helps to use all available bandwidth to reach a dual-homed VPRN SR OS Services Guide Page 1471

10 VPRN Service Overview Route Reflector The use of Route Reflectors is supported in the service provider core. Multiple sets of route reflectors can be used for different types of BGP routes, including IPv4 and VPN-IPv4 as well as multicast and IPv6. Page SR OS Services Guide

11 Virtual Private Routed Network Services CE to PE Route Exchange Routing information between the Customer Edge (CE) and Provider Edge (PE) can be exchanged by the following methods: Static Routes E-BGP RIP OSPF OSPF3 Each protocol provides controls to limit the number of routes learned from each CE router. Route Redistribution Routing information learned from the CE-to-PE routing protocols and configured static routes should be injected in the associated local VPN routing/forwarding (VRF). In the case of dynamic routing protocols, there may be protocol specific route policies that modify or reject certain routes before they are injected into the local VRF. Route redistribution from the local VRF to CE-to-PE routing protocols is to be controlled via the route policies in each routing protocol instance, in the same manner that is used by the base router instance. The advertisement or redistribution of routing information from the local VRF to or from the MP- BGP instance is specified per VRF and is controlled by VRF route target associations or by VRF route policies. VPN-IP routes imported into a VPRN, have the protocol type bgp-vpn to denote that it is an VPRN route. This can be used within the route policy match criteria SR OS Services Guide Page 1473

12 VPRN Service Overview CPE Connectivity Check Static routes are used within many IES and VPRN services. Unlike dynamic routing protocols, there is no way to change the state of routes based on availability information for the associated CPE. CPE connectivity check adds flexibility so that unavailable destinations will be removed from the VPRN routing tables dynamically and minimize wasted bandwidth. Server B.1 Static-route A.0/24 nexthop cpe-check interval 1 drop-count 2 Static-route B.0/24 nexthop cpe-check interval 1 drop-count B A.0.2 CPE /31.1 VPRN A Backbone Server A.1 Node A Fig_18 Figure 93: Directly Connected IP Target Server B.1 IC-route A.0/24 nexthop cpe-check interval 1 drop-count 2 IC-route B.0/24 nexthop cpe-check interval 1 drop-count B A / Management CPE /31.1 VPRN A Backbone Server A.1 Node A Fig_19 Figure 94: Multiple Hops to IP Target Page SR OS Services Guide

13 Virtual Private Routed Network Services The availability of the far-end static route is monitored through periodic polling. The polling period is configured. If the poll fails a specified number of sequential polls, the static route is marked as inactive. Either ICMP ping or unicast ARP mechanism can be used to test the connectivity. ICMP ping is preferred. If the connectivity check fails and the static route is de-activated, the SR-Series router will continue to send polls and re-activate any routes that are restored SR OS Services Guide Page 1475

14 VPRN Service Overview Constrained Route Distribution (RT Constraint) Constrained VPN Route Distribution Based on Route Targets Constrained Route Distribution (or RT Constraint) is a mechanism that allows a router to advertise Route Target membership information to its BGP peers to indicate interest in receiving only VPN routes tagged with specific Route Target extended communities. Upon receiving this information, peers restrict the advertised VPN routes to only those requested, minimizing control plane load in terms of protocol traffic and possibly also RIB memory. The Route Target membership information is carried using MP-BGP, using an AFI value of 1 and SAFI value of 132. In order for two routers to exchange RT membership NLRI they must advertise the corresponding AFI/SAFI to each other during capability negotiation. The use of MP-BGP means RT membership NLRI are propagated, loop-free, within an AS and between ASes using well-known BGP route selection and advertisement rules. ORF can also be used for RT-based route filtering, but ORF messages have a limited scope of distribution (to direct peers) and therefore do not automatically create pruned inter-cluster and inter-as route distribution trees. Configuring the Route Target Address Family RT Constraint is supported only by the base router BGP instance. When the family command at the BGP router group or neighbor CLI context includes the route-target keyword, the RT Constraint capability is negotiated with the associated set of EBGP and IBGP peers. ORF is mutually exclusive with RT Constraint on a particular BGP session. The CLI will not attempt to block this configuration, but if both capabilities are enabled on a session, the ORF capability will not be included in the OPEN message sent to the peer. Originating RT Constraint Routes When the base router has one or more RTC peers (BGP peers with which the RT Constraint capability has been successfully negotiated), one RTC route is created for each RT extended community imported (for unicast connectivity) by locally-configured VPRN services. By default, these RTC routes are automatically advertised to all RTC peers, without the need for an export policy to explicitly accept them. Each RTC route has a prefix, a prefix length and path attributes. The prefix value is the concatenation of the origin AS (a 4 byte value representing the 2- or 4-octet AS of the originating router, as configured using the config>router>autonomoussystem command) and 0 or bits of a route target extended community encoded in one of the Page SR OS Services Guide

15 Virtual Private Routed Network Services following formats: 2-octet AS specific extended community, IPv4 address specific extended community, or 4-octet AS specific extended community. A 7750 SR may be configured to send the default RTC route to any RTC peer. This is done using the new default-route-target group/neighbor CLI command. The default RTC route is a special type of RTC route that has zero prefix length. Sending the default RTC route to a peer conveys a request to receive all VPN routes (regardless of route target extended community) from that peer. The default RTC route is typically advertised by a route reflector to its clients. The advertisement of the default RTC route to a peer does not suppress other more specific RTC routes from being sent to that peer. Receiving and Re-Advertising RT Constraint Routes All received RTC routes that are deemed valid are stored in the RIB-IN. An RTC route is considered invalid and treated as withdrawn, if any of the following applies: The prefix length is The prefix length is The prefix length is and the 16 most-significant bits are not 0x0002, 0x0102 or 0x0202. If multiple RTC routes are received for the same prefix value then standard BGP best path selection procedures are used to determine the best of these routes. The best RTC route per prefix is re-advertised to RTC peers based on the following rules: The best path for a default RTC route (prefix-length 0, origin AS only with prefix-length 32, or origin AS plus 16 bits of an RT type with prefix-length 48) is never propagated to another peer. A PE with only IBGP RTC peers that is neither a route reflector or an ASBR does not readvertise the best RTC route to any RTC peer due to standard IBGP split horizon rules. A route reflector that receives its best RTC route for a prefix from a client peer readvertises that route (subject to export policies) to all of its client and non-client IBGP peers (including the originator), per standard RR operation. When the route is readvertised to client peers, the RR (i) sets the ORIGINATOR_ID to its own router ID and (ii) modifies the NEXT_HOP to be its local address for the sessions (for example, system IP). A route reflector that receives its best RTC route for a prefix from a non-client peer readvertises that route (subject to export policies) to all of its client peers, per standard RR operation. If the RR has a non-best path for the prefix from any of its clients, it advertises the best of the client-advertised paths to all non-client peers SR OS Services Guide Page 1477

16 VPRN Service Overview An ASBR that is neither a PE nor a route reflector that receives its best RTC route for a prefix from an IBGP peer re-advertises that route (subject to export policies) to its EBGP peers. It modifies the NEXT_HOP and AS_PATH of the re-advertised route per standard BGP rules. No aggregation of RTC routes is supported. An ASBR that is neither a PE nor a route reflector that receives its best RTC route for a prefix from an EBGP peer re-advertises that route (subject to export policies) to its EBGP and IBGP peers. When re-advertised routes are sent to EBGP peers, the ABSR modifies the NEXT_HOP and AS_PATH per standard BGP rules. No aggregation of RTC routes is supported. Note: These advertisement rules do not handle hierarchical RR topologies properly. This is a limitation of the current RT constraint standard. Using RT Constraint Routes In general (ignoring IBGP-to-IBGP rules, Add-Path, Best-external, etc.), the best VPN route for every prefix/nlri in the RIB is sent to every peer supporting the VPN address family, but export policies may be used to prevent some prefix/nlri from being advertised to specific peers. These export policies may be configured statically or created dynamically based on the support of ORF with specific peers. RT Constraint introduces another mechanism for dynamic modification of export policies. In R10, ORF and RT Constraint are mutually exclusive on a session. When RT Constraint is configured on a session that also supports VPN address families using route targets (that is, L2-VPN, VPN-IPv4, VPN-IPv6, MVPN, MDT-SAFI), the advertisement of the VPN routes is affected as follows: When the session comes up, all L2-VPN, MVPN, and MDT-SAFI routes (subject to manually configured export policies) are advertised immediately, but the advertisement of VPN-IPv4 and VPN-IPv6 routes is delayed for a short while to allow all RTC routes to first be received from the peer. After the initial delay, the received RTC routes are acted upon immediately. If S1 is the set of routes previously advertised to the peer and S2 is the set of routes that should be advertised based on the most recent received RTC routes then: Set of routes in S1 but not in S2 should be withdrawn immediately (subject to MRAI). Set of routes in S2 but not in S1 should be advertised immediately (subject to MRAI). If a default RTC route is received from an EBGP or IBGP peer P1, the VPN routes that are advertised to P1 is the set of VPN-IPv4 and VPN-IPv6 routes in the LOC-RIB that: (a) are eligible for advertisement to P1 per BGP route advertisement rules AND (b) have not been rejected by manually configured export policies AND (c) have not been advertised to the peer Note: This applies whether or not P1 advertised the best route for the default RTC prefix. Page SR OS Services Guide

17 Virtual Private Routed Network Services No MVPN, MDT-SAFI, or L2-VPN routes are sent as a result of receiving the default RTC route. In this context, a default RTC route is any of the following: (1) a route with NLRI length = zero (2) a route with NLRI value = origin AS and NLRI length = 32 (3) a route with NLRI value = {origin AS+0x0002 origin AS+0x0102 origin AS+0x0202} and NLRI length = 48 If an RTC route for prefix A (origin-as = A1, RT = A2/n, n > 48) is received from an IBGP peer I1 in autonomous system A1, the VPN routes that are advertised to I1 is the set of VPN-IPv4 and VPN-IPv6 routes in the LOC_RIB that: (a) are eligible for advertisement to I1 per BGP route advertisement rules AND (b) have not been rejected by manually configured export policies AND (c) carry at least one route target extended community with value A2 in the n mostsignificant bits AND (d) have not been advertised to the peer Note: This applies whether or not I1 advertised the best route for A. No MVPN, MDT-SAFI or L2-VPN routes are sent as a result of receiving the RTC route. If the best RTC route for a prefix A (origin-as = A1, RT = A2/n, n > 48) is received from an IBGP peer I1 in autonomous system B, the VPN routes that are advertised to I1 is the set of VPN-IPv4 and VPN-IPv6 routes in the LOC-RIB that: (a) are eligible for advertisement to I1 per BGP route advertisement rules AND (b) have not been rejected by manually configured export policies AND (c) carry at least one route target extended community with value A2 in the n mostsignificant bits AND (d) have not been advertised to the peer Note: This applies only if I1 advertised the best route for A. No MVPN, MDT-SAFI, or L2-VPN routes are sent as a result of receiving the RTC route. If the best RTC route for a prefix A (origin-as = A1, RT = A2/n, n > 48) is received from an EBGP peer E1, the VPN routes that are advertised to E1 is the set of VPN-IPv4 and VPN-IPv6 routes in the LOC-RIB that: (a) are eligible for advertisement to E1 per BGP route advertisement rules AND (b) have not been rejected by manually configured export policies AND (c) carry at least one route target extended community with value A2 in the n mostsignificant bits AND (d) have not been advertised to the peer Note: This applies only if E1 advertised the best route for A SR OS Services Guide Page 1479

18 VPRN Service Overview No MVPN, MDT-SAFI or L2-VPN routes are sent as a result of receiving the RTC route. Page SR OS Services Guide

19 Virtual Private Routed Network Services BGP Fast Reroute in a VPRN BGP fast reroute is a feature that brings together indirection techniques in the forwarding plane and pre-computation of BGP backup paths in the control plane to support fast reroute of BGP traffic around unreachable/failed next-hops. In a VPRN context BGP fast reroute is supported using unlabeled IPv4, unlabeled IPv6, VPN-IPv4, and VPN-IPv6 VPN routes. The supported VPRN scenarios are outlined in Table 23. Note that BGP fast reroute information specific to the base router BGP context is described in the BGP Fast Reroute section of the 7x50 SR OS Routing Protocols Guide. Table 23: BGP Fast Reroute Scenarios (VPRN Context) Ingress Packet IPv4 (ingress PE) IPv4 (ingress PE) MPLS (egress PE) MPLS (egress PE) IPv6 (ingress PE) IPv6 (ingress PE) MPLS (egress) Primary Route Backup Route Prefix Independent Convergence IPv4 route with next-hop A resolved by an IPv4 route VPN-IPv4 route with next-hop A resolved by a GRE, LDP, RSVP or BGP tunnel IPv4 route with next-hop A resolved by an IPv4 route IPv4 route with next-hop A resolved by an IPv4 rout IPv6 route with next-hop A resolved by an IPv6 route VPN-IPv6 route with next-hop A resolved by a GRE, LDP, RSVP or BGP tunnel IPv6 route with next-hop A resolved by an IPv6 route IPv4 route with next-hop B resolved by an IPv4 route VPN-IPv4 route with nexthop A resolved by a GRE, LDP, RSVP or BGP tunnel IPv4 route with next-hop B resolved by an IPv4 route VPN-IPv4 route* with nexthop B resolved by a GRE, LDP, RSVP or BGP tunnel IPv6 route with next-hop B resolved by an IPv6 route VPN-IPv6 route with nexthop B resolved by a GRE, LDP, RSVP or BGP tunnel IPv6 route with next-hop B resolved by an IPv6 route Yes Yes, but if the VPN-IP routes are label-per-prefix the ingress card must be FP2 or better Yes Yes, but if the VPN-IP routes are label-per-prefix the ingress card must be FP2 or better for PIC Yes Yes, but if the VPN-IP routes are label-per-prefix the ingress card must be FP2 or better Yes 7750 SR OS Services Guide Page 1481

20 VPRN Service Overview Table 23: BGP Fast Reroute Scenarios (VPRN Context) Ingress Packet MPLS (egress) Primary Route Backup Route Prefix Independent Convergence IPv6 route with next-hop A resolved by an IPv6 route Yes, but if the VPN-IP routes are label-per-prefix the ingress card must be FP2 or better for PIC VPRN label mode must be VRF. VPRN must export its VPN-IP routes with RD y. For the best performance the backup next-hop must advertise the same VPRN label value with all routes (e.g. per VRF label). BGP Fast Reroute in a VPRN Configuration Configuring the backup-path command under config>service>vprn>bgp causes only routes learned from CE BGP peers to be considered when selecting the primary and backup paths. Configuring the enable-bgp-vpn-backup command under config>service>vprn causes imported BGP-VPN routes to be compared to CE BGP routes when selecting the primary and backup paths. This command is required to support fast failover of ingress traffic from one remote PE to another remote PE and to support fast failover of egress traffic from a locally connected CE to a remote PE. Page SR OS Services Guide

21 Virtual Private Routed Network Services VPRN Features This section describes various VPRN features and any special capabilities or considerations as they relate to VPRN services. IP Interfaces on page 1483 Subscriber Interfaces on page 1496 SAPs on page 1497 Encapsulations on page 1497 QoS Policies on page 1498 Filter Policies on page 1498 CE to PE Routing Protocols on page 1502 PE to PE Tunneling Mechanisms on page 1502 Per VRF Route Limiting on page 1502 Using OSPF in IP-VPNs on page 1506 Spoke SDPs on page 1503 Multicast Protocols Supported in the Provider Network on page 1512 IP Interfaces VPRN customer IP interfaces can be configured with most of the same options found on the core IP interfaces. The advanced configuration options supported are: VRRP Cflowd Secondary IP addresses ICMP Options Configuration options found on core IP interfaces not supported on VPRN IP interfaces are: NTP broadcast receipt 7750 SR OS Services Guide Page 1483

22 VPRN Features QoS Policy Propagation Using BGP (QPPB) This section discusses QPPB as it applies to VPRN, IES, and router interfaces. Refer to the QoS Policy Propagation Using BGP (QPPB) on page 1210 section on page 1207 and the IP Router Configuration section in the 7x50 OS Router Configuration Guide. QoS policy propagation using BGP (QPPB) is a feature that allows a route to be installed in the routing table with a forwarding-class and priority so that packets matching the route can receive the associated QoS. The forwarding-class and priority associated with a BGP route are set using BGP import route policies. In the industry this feature is called QPPB, and even though the feature name refers to BGP specifically. On SR routers, QPPB is supported for BGP (IPv4, IPv6, VPN- IPv4, VPN-IPv6), RIP and static routes. While SAP ingress and network QoS policies can achieve the same end result as QPPB, assigning a packet arriving on a particular IP interface to a specific forwarding-class and priority/profile based on the source IP address or destination IP address of the packet the effort involved in creating the QoS policies, keeping them up-to-date, and applying them across many nodes is much greater than with QPPB. In a typical application of QPPB, a BGP route is advertised with a BGP community attribute that conveys a particular QoS. Routers that receive the advertisement accept the route into their routing table and set the forwarding-class and priority of the route from the community attribute. QPPB Applications There are two typical applications of QPPB: 1. Coordination of QoS policies between different administrative domains. 2. Traffic differentiation within a single domain, based on route characteristics. Inter-AS Coordination of QoS Policies The operator of an administrative domain A can use QPPB to signal to a peer administrative domain B that traffic sent to certain prefixes advertised by domain A should receive a particular QoS treatment in domain B. More specifically, an ASBR of domain A can advertise a prefix XYZ to domain B and include a BGP community attribute with the route. The community value implies a particular QoS treatment, as agreed by the two domains (in their peering agreement or service level agreement, for example). When the ASBR and other routers in domain B accept and install the route for XYZ into their routing table, they apply a QoS policy on selected interfaces that classifies traffic towards network XYZ into the QoS class implied by the BGP community value. QPPB may also be used to request that traffic sourced from certain networks receive appropriate QoS handling in downstream nodes that may span different administrative domains. This can be achieved by advertising the source prefix with a BGP community, as discussed above. However, Page SR OS Services Guide

23 Virtual Private Routed Network Services in this case other approaches are equally valid, such as marking the DSCP or other CoS fields based on source IP address so that downstream domains can take action based on a common understanding of the QoS treatment implied by different DSCP values. In the above examples, coordination of QoS policies using QPPB could be between a business customer and its IP VPN service provider, or between one service provider and another. Traffic Differentiation Based on Route Characteristics There may be times when a network operator wants to provide differentiated service to certain traffic flows within its network, and these traffic flows can be identified with known routes. For example, the operator of an ISP network may want to give priority to traffic originating in a particular ASN (the ASN of a content provider offering over-the-top services to the ISP s customers), following a certain AS_PATH, or destined for a particular next-hop (remaining on-net vs. off-net). Figure 95 shows an example of an ISP that has an agreement with the content provider managing AS300 to provide traffic sourced and terminating within AS300 with differentiated service appropriate to the content being transported. In this example we presume that ASBR1 and ASBR2 mark the DSCP of packets terminating and sourced, respectively, in AS300 so that other nodes within the ISP s network do not need to rely on QPPB to determine the correct forwarding-class to use for the traffic. Note however, that the DSCP or other COS markings could be left unchanged in the ISP s network and QPPB used on every node. Route Policy: Accept all routes with AS_PATH ending with ASN 300 and set fcto high-1 QoSPolicy: Lookup the destination IP address of all packets arriving on this interface to determine fc Route Policy: Accept all routes with AS_PATH ending with ASN 300 and set fcto high-1 QoSPolicy: Lookup the source IP address of all packets arriving on this interface to determine fc Provider Content Provider AS 300 Peer AS 200 PE 1 ASBR 1 P ASBR 2 Figure 95: Use of QPPB to Differentiate Traffic in an ISP Network OSSG SR OS Services Guide Page 1485

Internet Enhanced Service

Internet Enhanced Service Internet Enhanced Service In This Chapter This chapter provides information about Internet Enhanced Service (IES), process overview, and implementation notes. Topics in this chapter include: IES Service

More information

Network QoS Policies. In This Section. 7950 XRS Quality of Service Guide Page 79

Network QoS Policies. In This Section. 7950 XRS Quality of Service Guide Page 79 Network QoS Policies In This Section This section provides information to configure network QoS policies using the command line interface. Topics in this section include: Overview on page 80 Basic Configurations

More information

Introduction to MPLS-based VPNs

Introduction to MPLS-based VPNs Introduction to MPLS-based VPNs Ferit Yegenoglu, Ph.D. ISOCORE ferit@isocore.com Outline Introduction BGP/MPLS VPNs Network Architecture Overview Main Features of BGP/MPLS VPNs Required Protocol Extensions

More information

IP/MPLS-Based VPNs Layer-3 vs. Layer-2

IP/MPLS-Based VPNs Layer-3 vs. Layer-2 Table of Contents 1. Objective... 3 2. Target Audience... 3 3. Pre-Requisites... 3 4. Introduction...3 5. MPLS Layer-3 VPNs... 4 6. MPLS Layer-2 VPNs... 7 6.1. Point-to-Point Connectivity... 8 6.2. Multi-Point

More information

RFC 2547bis: BGP/MPLS VPN Fundamentals

RFC 2547bis: BGP/MPLS VPN Fundamentals White Paper RFC 2547bis: BGP/MPLS VPN Fundamentals Chuck Semeria Marketing Engineer Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA 94089 USA 408 745 2001 or 888 JUNIPER www.juniper.net

More information

Introducing Basic MPLS Concepts

Introducing Basic MPLS Concepts Module 1-1 Introducing Basic MPLS Concepts 2004 Cisco Systems, Inc. All rights reserved. 1-1 Drawbacks of Traditional IP Routing Routing protocols are used to distribute Layer 3 routing information. Forwarding

More information

Implementing MPLS VPNs over IP Tunnels on Cisco IOS XR Software

Implementing MPLS VPNs over IP Tunnels on Cisco IOS XR Software Implementing MPLS VPNs over IP Tunnels on Cisco IOS XR Software The MPLS VPNs over IP Tunnels feature lets you deploy Layer 3 Virtual Private Netwk (L3VPN) services, over an IP ce netwk, using L2TPv3 multipoint

More information

Computer Network Architectures and Multimedia. Guy Leduc. Chapter 2 MPLS networks. Chapter 2: MPLS

Computer Network Architectures and Multimedia. Guy Leduc. Chapter 2 MPLS networks. Chapter 2: MPLS Computer Network Architectures and Multimedia Guy Leduc Chapter 2 MPLS networks Chapter based on Section 5.5 of Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross Addison-Wesley,

More information

DD2491 p2 2011. MPLS/BGP VPNs. Olof Hagsand KTH CSC

DD2491 p2 2011. MPLS/BGP VPNs. Olof Hagsand KTH CSC DD2491 p2 2011 MPLS/BGP VPNs Olof Hagsand KTH CSC 1 Literature Practical BGP: Chapter 10 MPLS repetition, see for example http://www.csc.kth.se/utbildning/kth/kurser/dd2490/ipro1-11/lectures/mpls.pdf Reference:

More information

How Routers Forward Packets

How Routers Forward Packets Autumn 2010 philip.heimer@hh.se MULTIPROTOCOL LABEL SWITCHING (MPLS) AND MPLS VPNS How Routers Forward Packets Process switching Hardly ever used today Router lookinginside the packet, at the ipaddress,

More information

Introduction Inter-AS L3VPN

Introduction Inter-AS L3VPN Introduction Inter-AS L3VPN 1 Extending VPN services over Inter-AS networks VPN Sites attached to different MPLS VPN Service Providers How do you distribute and share VPN routes between ASs Back- to- Back

More information

MikroTik RouterOS Introduction to MPLS. Prague MUM Czech Republic 2009

MikroTik RouterOS Introduction to MPLS. Prague MUM Czech Republic 2009 MikroTik RouterOS Introduction to MPLS Prague MUM Czech Republic 2009 Q : W h y h a v e n 't y o u h e a r d a b o u t M P LS b e fo re? A: Probably because of the availability and/or price range Q : W

More information

MP PLS VPN MPLS VPN. Prepared by Eng. Hussein M. Harb

MP PLS VPN MPLS VPN. Prepared by Eng. Hussein M. Harb MP PLS VPN MPLS VPN Prepared by Eng. Hussein M. Harb Agenda MP PLS VPN Why VPN VPN Definition VPN Categories VPN Implementations VPN Models MPLS VPN Types L3 MPLS VPN L2 MPLS VPN Why VPN? VPNs were developed

More information

PRASAD ATHUKURI Sreekavitha engineering info technology,kammam

PRASAD ATHUKURI Sreekavitha engineering info technology,kammam Multiprotocol Label Switching Layer 3 Virtual Private Networks with Open ShortestPath First protocol PRASAD ATHUKURI Sreekavitha engineering info technology,kammam Abstract This paper aims at implementing

More information

Network Working Group Request for Comments: 2547. March 1999

Network Working Group Request for Comments: 2547. March 1999 Network Working Group Request for Comments: 2547 Category: Informational E. Rosen Y. Rekhter Cisco Systems, Inc. March 1999 BGP/MPLS VPNs Status of this Memo This memo provides information for the Internet

More information

-Green line is total enrollment -2008 numbers are projected to be near 20,000 (on-campus) not including distance education numbers.

-Green line is total enrollment -2008 numbers are projected to be near 20,000 (on-campus) not including distance education numbers. 1 2 3 4 -Lower yellow line is graduate student enrollment -Red line is undergradate enrollment -Green line is total enrollment -2008 numbers are projected to be near 20,000 (on-campus) not including distance

More information

Kingston University London

Kingston University London Kingston University London Thesis Title Implementation and performance evaluation of WAN services over MPLS Layer-3 VPN Dissertation submitted for the Degree of Master of Science in Networking and Data

More information

MPLS VPN over mgre. Finding Feature Information. Prerequisites for MPLS VPN over mgre

MPLS VPN over mgre. Finding Feature Information. Prerequisites for MPLS VPN over mgre The feature overcomes the requirement that a carrier support multiprotocol label switching (MPLS) by allowing you to provide MPLS connectivity between networks that are connected by IP-only networks. This

More information

DD2491 p2 2009. BGP-MPLS VPNs. Olof Hagsand KTH/CSC

DD2491 p2 2009. BGP-MPLS VPNs. Olof Hagsand KTH/CSC DD2491 p2 2009 BGP-MPLS VPNs Olof Hagsand KTH/CSC Literature Practical BGP: Chapter 10 JunOS Cookbook: Chapter 14 and 15 MPLS Advantages Originally, the motivation was speed and cost. But routers does

More information

UNDERSTANDING JUNOS OS NEXT-GENERATION MULTICAST VPNS

UNDERSTANDING JUNOS OS NEXT-GENERATION MULTICAST VPNS WHITE PAPER UNDERSTANDING JUNOS OS NEXT-GENERATION MULTICAST VPNS Copyright 2010, Juniper Networks, Inc. 1 Table of Contents Executive Summary.............................................................................................

More information

Implementing MPLS VPNs over IP Tunnels

Implementing MPLS VPNs over IP Tunnels Implementing MPLS VPNs over IP Tunnels The MPLS VPNs over IP Tunnels feature lets you deploy Layer 3 Virtual Private Netwk (L3VPN) services, over an IP ce netwk, using L2TPv3 multipoint tunneling instead

More information

MPLS-based Layer 3 VPNs

MPLS-based Layer 3 VPNs MPLS-based Layer 3 VPNs Overall objective The purpose of this lab is to study Layer 3 Virtual Private Networks (L3VPNs) created using MPLS and BGP. A VPN is an extension of a private network that uses

More information

MPLS VPN Route Target Rewrite

MPLS VPN Route Target Rewrite The feature allows the replacement of route targets on incoming and outgoing Border Gateway Protocol (BGP) updates Typically, Autonomous System Border Routers (ASBRs) perform the replacement of route targets

More information

Junos MPLS and VPNs (JMV)

Junos MPLS and VPNs (JMV) Junos MPLS and VPNs (JMV) Course No: EDU-JUN-JMV Length: Five days Onsite Price: $32500 for up to 12 students Public Enrollment Price: $3500/student Course Level JMV is an advanced-level course. Prerequisites

More information

- Multiprotocol Label Switching -

- Multiprotocol Label Switching - 1 - Multiprotocol Label Switching - Multiprotocol Label Switching Multiprotocol Label Switching (MPLS) is a Layer-2 switching technology. MPLS-enabled routers apply numerical labels to packets, and can

More information

MPLS VPN Services. PW, VPLS and BGP MPLS/IP VPNs

MPLS VPN Services. PW, VPLS and BGP MPLS/IP VPNs A Silicon Valley Insider MPLS VPN Services PW, VPLS and BGP MPLS/IP VPNs Technology White Paper Serge-Paul Carrasco Abstract Organizations have been demanding virtual private networks (VPNs) instead of

More information

IMPLEMENTING CISCO MPLS V3.0 (MPLS)

IMPLEMENTING CISCO MPLS V3.0 (MPLS) IMPLEMENTING CISCO MPLS V3.0 (MPLS) COURSE OVERVIEW: Multiprotocol Label Switching integrates the performance and traffic-management capabilities of data link Layer 2 with the scalability and flexibility

More information

IPv6 over MPLS VPN. Contents. Prerequisites. Document ID: 112085. Requirements

IPv6 over MPLS VPN. Contents. Prerequisites. Document ID: 112085. Requirements IPv6 over MPLS VPN Document ID: 112085 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram VRF Configuration Multiprotocol BGP (MP BGP) Configuration

More information

In this chapter, you learn about the following: How MPLS provides security (VPN separation, robustness against attacks, core hiding, and spoofing

In this chapter, you learn about the following: How MPLS provides security (VPN separation, robustness against attacks, core hiding, and spoofing In this chapter, you learn about the following: How MPLS provides security (VPN separation, robustness against attacks, core hiding, and spoofing protection) How the different Inter-AS and Carrier s Carrier

More information

L2 VPNs. Pseudowires. Virtual Private LAN Services. Metro/Carrier Ethernet.

L2 VPNs. Pseudowires. Virtual Private LAN Services. Metro/Carrier Ethernet. L2 VPNs. Pseudowires. Virtual Private LAN Services. Metro/Carrier Ethernet. Petr Grygárek rek 1 Layer 2 VPNs 2 Usages of L2 VPNs Server farms/clusters and other L2- dependent applications redundancy and

More information

MPLS Concepts. Overview. Objectives

MPLS Concepts. Overview. Objectives MPLS Concepts Overview This module explains the features of Multi-protocol Label Switching (MPLS) compared to traditional ATM and hop-by-hop IP routing. MPLS concepts and terminology as well as MPLS label

More information

Network Virtualization with the Cisco Catalyst 6500/6800 Supervisor Engine 2T

Network Virtualization with the Cisco Catalyst 6500/6800 Supervisor Engine 2T White Paper Network Virtualization with the Cisco Catalyst 6500/6800 Supervisor Engine 2T Introduction Network virtualization is a cost-efficient way to provide traffic separation. A virtualized network

More information

MPLS-based Virtual Private Network (MPLS VPN) The VPN usually belongs to one company and has several sites interconnected across the common service

MPLS-based Virtual Private Network (MPLS VPN) The VPN usually belongs to one company and has several sites interconnected across the common service Nowdays, most network engineers/specialists consider MPLS (MultiProtocol Label Switching) one of the most promising transport technologies. Then, what is MPLS? Multi Protocol Label Switching (MPLS) is

More information

VPLS Technology White Paper HUAWEI TECHNOLOGIES CO., LTD. Issue 01. Date 2012-10-30

VPLS Technology White Paper HUAWEI TECHNOLOGIES CO., LTD. Issue 01. Date 2012-10-30 Issue 01 Date 2012-10-30 HUAWEI TECHNOLOGIES CO., LTD. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of

More information

MPLS VPN. Agenda. MP-BGP VPN Overview MPLS VPN Architecture MPLS VPN Basic VPNs MPLS VPN Complex VPNs MPLS VPN Configuration (Cisco) L86 - MPLS VPN

MPLS VPN. Agenda. MP-BGP VPN Overview MPLS VPN Architecture MPLS VPN Basic VPNs MPLS VPN Complex VPNs MPLS VPN Configuration (Cisco) L86 - MPLS VPN MPLS VPN Peer to Peer VPN s Agenda MP-BGP VPN Overview MPLS VPN Architecture MPLS VPN Basic VPNs MPLS VPN Complex VPNs MPLS VPN Configuration (Cisco) CE-PE OSPF Routing CE-PE Static Routing CE-PE RIP Routing

More information

MPLS. Cisco MPLS. Cisco Router Challenge 227. MPLS Introduction. The most up-to-date version of this test is at: http://networksims.com/i01.

MPLS. Cisco MPLS. Cisco Router Challenge 227. MPLS Introduction. The most up-to-date version of this test is at: http://networksims.com/i01. MPLS Cisco MPLS MPLS Introduction The most up-to-date version of this test is at: http://networksims.com/i01.html Cisco Router Challenge 227 Outline This challenge involves basic frame-mode MPLS configuration.

More information

MPLS Implementation MPLS VPN

MPLS Implementation MPLS VPN MPLS Implementation MPLS VPN Describing MPLS VPN Technology Objectives Describe VPN implementation models. Compare and contrast VPN overlay VPN models. Describe the benefits and disadvantages of the overlay

More information

Demonstrating the high performance and feature richness of the compact MX Series

Demonstrating the high performance and feature richness of the compact MX Series WHITE PAPER Midrange MX Series 3D Universal Edge Routers Evaluation Report Demonstrating the high performance and feature richness of the compact MX Series Copyright 2011, Juniper Networks, Inc. 1 Table

More information

INTRODUCTION TO L2VPNS

INTRODUCTION TO L2VPNS INTRODUCTION TO L2VPNS 4 Introduction to Layer 2 and Layer 3 VPN Services CE Layer 3 VPN Link Comprised of IP Traffic Passed Over IP Backbone LEGEND Layer 3 VPN Layer 2 VPN CE CE PE IP Backbone PE CE Layer

More information

IPv6 over IPv4/MPLS Networks: The 6PE approach

IPv6 over IPv4/MPLS Networks: The 6PE approach IPv6 over IPv4/MPLS Networks: The 6PE approach Athanassios Liakopoulos Network Operation & Support Manager (aliako@grnet.gr) Greek Research & Technology Network (GRNET) III Global IPv6 Summit Moscow, 25

More information

ETHERNET VPN (EVPN) NEXT-GENERATION VPN FOR ETHERNET SERVICES

ETHERNET VPN (EVPN) NEXT-GENERATION VPN FOR ETHERNET SERVICES ETHERNET VPN (EVPN) NEXT-GENERATION VPN FOR ETHERNET SERVICES Alastair JOHNSON (AJ) February 2014 alastair.johnson@alcatel-lucent.com AGENDA 1. EVPN Background and Motivation 2. EVPN Operations 3. EVPN

More information

Department of Communications and Networking. S-38.2131/3133 Networking Technology, Laboratory course A/B

Department of Communications and Networking. S-38.2131/3133 Networking Technology, Laboratory course A/B Department of Communications and Networking S-38.2131/3133 Networking Technology, Laboratory course A/B Work Number 38: MPLS-VPN Basics Student Edition Preliminary Exercises and Laboratory Assignments

More information

Enterprise Network Simulation Using MPLS- BGP

Enterprise Network Simulation Using MPLS- BGP Enterprise Network Simulation Using MPLS- BGP Tina Satra 1 and Smita Jangale 2 1 Department of Computer Engineering, SAKEC, Chembur, Mumbai-88, India tinasatra@gmail.com 2 Department of Information Technolgy,

More information

WAN Topologies MPLS. 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr. 2006 Cisco Systems, Inc. All rights reserved.

WAN Topologies MPLS. 2006, Cisco Systems, Inc. All rights reserved. Presentation_ID.scr. 2006 Cisco Systems, Inc. All rights reserved. MPLS WAN Topologies 1 Multiprotocol Label Switching (MPLS) IETF standard, RFC3031 Basic idea was to combine IP routing protocols with a forwarding algoritm based on a header with fixed length label instead

More information

Analyzing Capabilities of Commercial and Open-Source Routers to Implement Atomic BGP

Analyzing Capabilities of Commercial and Open-Source Routers to Implement Atomic BGP Telfor Journal, Vol. 2, No. 1, 2010. 13 Analyzing Capabilities of Commercial and Open-Source Routers to Implement Atomic BGP Aleksandar Cvjetić and Aleksandra Smiljanić Abstract The paper analyzes implementations

More information

Glossary. 7750 SR Advanced Configuration Guide Page 2785

Glossary. 7750 SR Advanced Configuration Guide Page 2785 Glossary 6PE IPv6 Provider Edge router. An MPLS IPv4 core network that supports IPv6 domains which communicate over an IES service. 6VPE IPv6 Provider Edge router with IP-VPN Services. An MPLS IPv4 core

More information

MPLS L2VPN (VLL) Technology White Paper

MPLS L2VPN (VLL) Technology White Paper MPLS L2VPN (VLL) Technology White Paper Issue 1.0 Date 2012-10-30 HUAWEI TECHNOLOGIES CO., LTD. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any

More information

Using OSPF in an MPLS VPN Environment

Using OSPF in an MPLS VPN Environment Using OSPF in an MPLS VPN Environment Overview This module introduces the interaction between multi-protocol Border Gateway Protocol (MP-BGP) running between Provider Edge routers (s) and Open Shortest

More information

IMPLEMENTING CISCO IP ROUTING V2.0 (ROUTE)

IMPLEMENTING CISCO IP ROUTING V2.0 (ROUTE) IMPLEMENTING CISCO IP ROUTING V2.0 (ROUTE) COURSE OVERVIEW: Implementing Cisco IP Routing (ROUTE) v2.0 is an instructor-led five day training course developed to help students prepare for Cisco CCNP _

More information

Data Networking and Architecture. Delegates should have some basic knowledge of Internet Protocol and Data Networking principles.

Data Networking and Architecture. Delegates should have some basic knowledge of Internet Protocol and Data Networking principles. Data Networking and Architecture The course focuses on theoretical principles and practical implementation of selected Data Networking protocols and standards. Physical network architecture is described

More information

MPLS VPN Security BRKSEC-2145

MPLS VPN Security BRKSEC-2145 MPLS VPN Security BRKSEC-2145 Session Objective Learn how to secure networks which run MPLS VPNs. 100% network focus! Securing routers & the whole network against DoS and abuse Not discussed: Security

More information

Using the Border Gateway Protocol for Interdomain Routing

Using the Border Gateway Protocol for Interdomain Routing CHAPTER 12 Using the Border Gateway Protocol for Interdomain Routing The Border Gateway Protocol (BGP), defined in RFC 1771, provides loop-free interdomain routing between autonomous systems. (An autonomous

More information

Notice the router names, as these are often used in MPLS terminology. The Customer Edge router a router that directly connects to a customer network.

Notice the router names, as these are often used in MPLS terminology. The Customer Edge router a router that directly connects to a customer network. Where MPLS part I explains the basics of labeling packets, it s not giving any advantage over normal routing, apart from faster table lookups. But extensions to MPLS allow for more. In this article I ll

More information

MPLS L3 VPN Supporting VoIP, Multicast, and Inter-Provider Solutions

MPLS L3 VPN Supporting VoIP, Multicast, and Inter-Provider Solutions MPLS L3 VPN Supporting VoIP, Multicast, and Inter-Provider Solutions Luyuan Fang ATT MPLSCon 2005, NYC The world s networking company SM Outline Overview of the L3 VPN deployment VoIP over MPLS VPN MPLS

More information

Table of Contents. Cisco Configuring a Basic MPLS VPN

Table of Contents. Cisco Configuring a Basic MPLS VPN Table of Contents Configuring a Basic MPLS VPN...1 Introduction...1 Prerequisites...1 Requirements...1 Components Used...2 Related Products...2 Conventions...2 Configure...3 Network Diagram...3 Configuration

More information

Addressing Inter Provider Connections With MPLS-ICI

Addressing Inter Provider Connections With MPLS-ICI Addressing Inter Provider Connections With MPLS-ICI Introduction Why migrate to packet switched MPLS? The migration away from traditional multiple packet overlay networks towards a converged packet-switched

More information

AMPLS - Advanced Implementing and Troubleshooting MPLS VPN Networks v4.0

AMPLS - Advanced Implementing and Troubleshooting MPLS VPN Networks v4.0 Course Outline AMPLS - Advanced Implementing and Troubleshooting MPLS VPN Networks v4.0 Module 1: MPLS Features Lesson 1: Describing Basic MPLS Concepts Provide an overview of MPLS forwarding, features,

More information

Cisco 642-889. Implementing Cisco Service Provider Next-Generation Egde Network Services. Version: 4.1

Cisco 642-889. Implementing Cisco Service Provider Next-Generation Egde Network Services. Version: 4.1 Cisco 642-889 Implementing Cisco Service Provider Next-Generation Egde Network Services Version: 4.1 QUESTION NO: 1 Cisco 642-889 Exam Which type of VPN requires a full mesh of virtual circuits to provide

More information

Cisco BGP Case Studies

Cisco BGP Case Studies Table of Contents BGP Case Studies...1 BGP4 Case Studies Section 1...3 Contents...3 Introduction...3 How Does BGP Work?...3 ebgp and ibgp...3 Enabling BGP Routing...4 Forming BGP Neighbors...4 BGP and

More information

WHITE PAPER. Addressing Inter Provider Connections with MPLS-ICI CONTENTS: Introduction. IP/MPLS Forum White Paper. January 2008. Introduction...

WHITE PAPER. Addressing Inter Provider Connections with MPLS-ICI CONTENTS: Introduction. IP/MPLS Forum White Paper. January 2008. Introduction... Introduction WHITE PAPER Addressing Inter Provider Connections with MPLS-ICI The migration away from traditional multiple packet overlay networks towards a converged packet-switched MPLS system is now

More information

Configuring MPLS Hub-and-Spoke Layer 3 VPNs

Configuring MPLS Hub-and-Spoke Layer 3 VPNs CHAPTER 23 This chapter describes how to configure a hub-and-spoke topology for Multiprotocol Layer Switching (MPLS) Layer 3 virtual private networks (VPNs) on Cisco NX-OS devices. This chapter includes

More information

Leveraging Advanced Load Sharing for Scaling Capacity to 100 Gbps and Beyond

Leveraging Advanced Load Sharing for Scaling Capacity to 100 Gbps and Beyond Leveraging Advanced Load Sharing for Scaling Capacity to 100 Gbps and Beyond Ananda Rajagopal Product Line Manager Service Provider Solutions Foundry Networks arajagopal@foundrynet.com Agenda 2 Why Load

More information

MPLS Layer 2 VPNs Functional and Performance Testing Sample Test Plans

MPLS Layer 2 VPNs Functional and Performance Testing Sample Test Plans MPLS Layer 2 VPNs Functional and Performance Testing Sample Test Plans Contents Overview 1 1. L2 VPN Padding Verification Test 1 1.1 Objective 1 1.2 Setup 1 1.3 Input Parameters 2 1.4 Methodology 2 1.5

More information

Methods of interconnecting MPLS Networks

Methods of interconnecting MPLS Networks Methods of interconnecting MPLS Networks NANOG31, May 2005 San Francisco Cable & Wireless Internet Engineering Udo Steinegger What this talk is about General This presentation covers technologies on how

More information

MPLS VPN Implementation

MPLS VPN Implementation MPLS VPN Implementation Overview Virtual Routing and Forwarding Table VPN-Aware Routing Protocols VRF Configuration Tasks Configuring BGP Address families Configuring BGP Neighbors Configuring MP-BGP Monitoring

More information

Internetworking II: VPNs, MPLS, and Traffic Engineering

Internetworking II: VPNs, MPLS, and Traffic Engineering Internetworking II: VPNs, MPLS, and Traffic Engineering 3035/GZ01 Networked Systems Kyle Jamieson Lecture 10 Department of Computer Science University College London Taxonomy of communica@on networks Virtual

More information

l.cittadini, m.cola, g.di battista

l.cittadini, m.cola, g.di battista MPLS VPN l.cittadini, m.cola, g.di battista motivations customer s problem a customer (e.g., private company, public administration, etc.) has several geographically distributed sites and would like to

More information

MPLS over IP-Tunnels. Mark Townsley Distinguished Engineer. 21 February 2005

MPLS over IP-Tunnels. Mark Townsley Distinguished Engineer. 21 February 2005 MPLS over IP-Tunnels Mark Townsley Distinguished Engineer 21 February 2005 1 MPLS over IP The Basic Idea MPLS Tunnel Label Exp S TTL MPLS VPN Label Exp S TTL MPLS Payload (L3VPN, PWE3, etc) MPLS Tunnel

More information

--BGP 4 White Paper Ver.1.0-- BGP-4 in Vanguard Routers

--BGP 4 White Paper Ver.1.0-- BGP-4 in Vanguard Routers BGP-4 in Vanguard Routers 1 Table of Contents Introduction to BGP... 6 BGP terminology... 6 AS (Autonomous system):... 6 AS connection:... 6 BGP Speaker:... 6 BGP Neighbor/Peer:... 7 BGP Session:... 7

More information

Quidway MPLS VPN Solution for Financial Networks

Quidway MPLS VPN Solution for Financial Networks Quidway MPLS VPN Solution for Financial Networks Using a uniform computer network to provide various value-added services is a new trend of the application systems of large banks. Transplanting traditional

More information

Internet Protocol: IP packet headers. vendredi 18 octobre 13

Internet Protocol: IP packet headers. vendredi 18 octobre 13 Internet Protocol: IP packet headers 1 IPv4 header V L TOS Total Length Identification F Frag TTL Proto Checksum Options Source address Destination address Data (payload) Padding V: Version (IPv4 ; IPv6)

More information

s@lm@n Cisco Exam 400-201 CCIE Service Provider Written Exam Version: 7.0 [ Total Questions: 107 ]

s@lm@n Cisco Exam 400-201 CCIE Service Provider Written Exam Version: 7.0 [ Total Questions: 107 ] s@lm@n Cisco Exam 400-201 CCIE Service Provider Written Exam Version: 7.0 [ Total Questions: 107 ] Cisco 400-201 : Practice Test Question No : 1 Which two frame types are correct when configuring T3 interfaces?

More information

MPLS Basics. For details about MPLS architecture, refer to RFC 3031 Multiprotocol Label Switching Architecture.

MPLS Basics. For details about MPLS architecture, refer to RFC 3031 Multiprotocol Label Switching Architecture. Multiprotocol Label Switching (), originating in IPv4, was initially proposed to improve forwarding speed. Its core technology can be extended to multiple network protocols, such as IPv6, Internet Packet

More information

Fundamentals Multiprotocol Label Switching MPLS III

Fundamentals Multiprotocol Label Switching MPLS III Fundamentals Multiprotocol Label Switching MPLS III Design of Telecommunication Infrastructures 2008-2009 Rafael Sebastian Departament de tecnologies de la Informació i les Comunicaciones Universitat Pompeu

More information

Expert Reference Series of White Papers. An Overview of MPLS VPNs: Overlay; Layer 3; and PseudoWire

Expert Reference Series of White Papers. An Overview of MPLS VPNs: Overlay; Layer 3; and PseudoWire Expert Reference Series of White Papers An Overview of MPLS VPNs: Overlay; Layer 3; and PseudoWire 1-800-COURSES www.globalknowledge.com An Overview of MPLS VPNs: Overlay; Layer 3; and PseudoWire Al Friebe,

More information

Designing and Developing Scalable IP Networks

Designing and Developing Scalable IP Networks Designing and Developing Scalable IP Networks Guy Davies Telindus, UK John Wiley & Sons, Ltd Contents List of Figures List of Tables About the Author Acknowledgements Abbreviations Introduction xi xiii

More information

Interconnecting Cisco Networking Devices Part 2

Interconnecting Cisco Networking Devices Part 2 Interconnecting Cisco Networking Devices Part 2 Course Number: ICND2 Length: 5 Day(s) Certification Exam This course will help you prepare for the following exam: 640 816: ICND2 Course Overview This course

More information

Technology Overview. Class of Service Overview. Published: 2014-01-10. Copyright 2014, Juniper Networks, Inc.

Technology Overview. Class of Service Overview. Published: 2014-01-10. Copyright 2014, Juniper Networks, Inc. Technology Overview Class of Service Overview Published: 2014-01-10 Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, California 94089 USA 408-745-2000 www.juniper.net Juniper Networks, Junos,

More information

Implementing Cisco Service Provider Next-Generation Edge Network Services **Part of the CCNP Service Provider track**

Implementing Cisco Service Provider Next-Generation Edge Network Services **Part of the CCNP Service Provider track** Course: Duration: Price: $ 3,695.00 Learning Credits: 37 Certification: Implementing Cisco Service Provider Next-Generation Edge Network Services Implementing Cisco Service Provider Next-Generation Edge

More information

Why Is MPLS VPN Security Important?

Why Is MPLS VPN Security Important? MPLS VPN Security An Overview Monique Morrow Michael Behringer May 2 2007 Future-Net Conference New York Futurenet - MPLS Security 1 Why Is MPLS VPN Security Important? Customer buys Internet Service :

More information

Multi Protocol Label Switching (MPLS) is a core networking technology that

Multi Protocol Label Switching (MPLS) is a core networking technology that MPLS and MPLS VPNs: Basics for Beginners Christopher Brandon Johnson Abstract Multi Protocol Label Switching (MPLS) is a core networking technology that operates essentially in between Layers 2 and 3 of

More information

MPLS/BGP Network Simulation Techniques for Business Enterprise Networks

MPLS/BGP Network Simulation Techniques for Business Enterprise Networks MPLS/BGP Network Simulation Techniques for Business Enterprise Networks Nagaselvam M Computer Science and Engineering, Nehru Institute of Technology, Coimbatore, Abstract Business Enterprises used VSAT

More information

7750 SR OS System Management Guide

7750 SR OS System Management Guide 7750 SR OS System Management Guide Software Version: 7750 SR OS 10.0 R4 July 2012 Document Part Number: 93-0071-09-02 *93-0071-09-02* This document is protected by copyright. Except as specifically permitted

More information

Implementation of Traffic Engineering and Addressing QoS in MPLS VPN Based IP Backbone

Implementation of Traffic Engineering and Addressing QoS in MPLS VPN Based IP Backbone International Journal of Computer Science and Telecommunications [Volume 5, Issue 6, June 2014] 9 ISSN 2047-3338 Implementation of Traffic Engineering and Addressing QoS in MPLS VPN Based IP Backbone Mushtaq

More information

ETHERNET VPN (EVPN) OVERLAY NETWORKS FOR ETHERNET SERVICES

ETHERNET VPN (EVPN) OVERLAY NETWORKS FOR ETHERNET SERVICES ETHERNET VPN (EVPN) OVERLAY NETWORKS FOR ETHERNET SERVICES Greg Hankins RIPE 68 RIPE 68 2014/05/12 AGENDA 1. EVPN Background and Motivation 2. EVPN Operations 3. EVPN

More information

AT&T Managed IP Network Service (MIPNS) MPLS Private Network Transport Technical Configuration Guide Version 1.0

AT&T Managed IP Network Service (MIPNS) MPLS Private Network Transport Technical Configuration Guide Version 1.0 AT&T Managed IP Network Service (MIPNS) MPLS Private Network Transport Technical Configuration Guide Version 1.0 Introduction...2 Overview...2 1. Technology Background...2 2. MPLS PNT Offer Models...3

More information

IMPLEMENTING CISCO MPLS V2.3 (MPLS)

IMPLEMENTING CISCO MPLS V2.3 (MPLS) IMPLEMENTING CISCO MPLS V2.3 (MPLS) COURSE OVERVIEW: The course will enable learners to gather information from the technology basics to advanced VPN configuration. The focus of the course is on VPN technology

More information

CCNP ROUTE 642-902. Official Certification Guide. Wendell Odom, CCIE No. 1624. Cisco Press. Indianapolis, IN 46240. 800 East 96th Street

CCNP ROUTE 642-902. Official Certification Guide. Wendell Odom, CCIE No. 1624. Cisco Press. Indianapolis, IN 46240. 800 East 96th Street CCNP ROUTE 642-902 Official Certification Guide Wendell Odom, CCIE No. 1624 Cisco Press 800 East 96th Street Indianapolis, IN 46240 IX Contents Foreword xxiv Introduction xxv Part I Perspectives on Network

More information

ISTANBUL. 1.1 MPLS overview. Alcatel Certified Business Network Specialist Part 2

ISTANBUL. 1.1 MPLS overview. Alcatel Certified Business Network Specialist Part 2 1 ISTANBUL 1.1 MPLS overview 1 1.1.1 Principle Use of a ATM core network 2 Overlay Network One Virtual Circuit per communication No routing protocol Scalability problem 2 1.1.1 Principle Weakness of overlay

More information

Understanding Virtual Router and Virtual Systems

Understanding Virtual Router and Virtual Systems Understanding Virtual Router and Virtual Systems PAN- OS 6.0 Humair Ali Professional Services Content Table of Contents VIRTUAL ROUTER... 5 CONNECTED... 8 STATIC ROUTING... 9 OSPF... 11 BGP... 17 IMPORT

More information

MPLS in Private Networks Is It a Good Idea?

MPLS in Private Networks Is It a Good Idea? MPLS in Private Networks Is It a Good Idea? Jim Metzler Vice President Ashton, Metzler & Associates March 2005 Introduction The wide area network (WAN) brings indisputable value to organizations of all

More information

100Gigabit and Beyond: Increasing Capacity in IP/MPLS Networks Today Rahul Vir Product Line Manager Foundry Networks rvir@foundrynet.

100Gigabit and Beyond: Increasing Capacity in IP/MPLS Networks Today Rahul Vir Product Line Manager Foundry Networks rvir@foundrynet. 100Gigabit and Beyond: Increasing Capacity in IP/MPLS Networks Today Rahul Vir Product Line Manager Foundry Networks rvir@foundrynet.com 1 Agenda 2 40GE/100GE Timeline to Standardization The Ethernet Alliance

More information

ENSURING RAPID RESTORATION IN JUNOS OS-BASED NETWORKS

ENSURING RAPID RESTORATION IN JUNOS OS-BASED NETWORKS WHITE PAPER ENSURING RAPID RESTORATION IN JUNOS OS-BASED NETWORKS A Complete Convergence Solution Based on Local Repair, Loop Free Alternates, and Hierarchical Forwarding Copyright 0, Juniper Networks,

More information

Implementing Cisco MPLS

Implementing Cisco MPLS Implementing Cisco MPLS Course MPLS v2.3; 5 Days, Instructor-led Course Description This design document is for the refresh of the Implementing Cisco MPLS (MPLS) v2.3 instructor-led training (ILT) course,

More information

QoS Switching. Two Related Areas to Cover (1) Switched IP Forwarding (2) 802.1Q (Virtual LANs) and 802.1p (GARP/Priorities)

QoS Switching. Two Related Areas to Cover (1) Switched IP Forwarding (2) 802.1Q (Virtual LANs) and 802.1p (GARP/Priorities) QoS Switching H. T. Kung Division of Engineering and Applied Sciences Harvard University November 4, 1998 1of40 Two Related Areas to Cover (1) Switched IP Forwarding (2) 802.1Q (Virtual LANs) and 802.1p

More information

ICTTEN6172A Design and configure an IP- MPLS network with virtual private network tunnelling

ICTTEN6172A Design and configure an IP- MPLS network with virtual private network tunnelling ICTTEN6172A Design and configure an IP- MPLS network with virtual private network tunnelling Release: 1 ICTTEN6172A Design and configure an IP-MPLS network with virtual private network tunnelling Modification

More information

Network Configuration Example

Network Configuration Example Network Configuration Example Configuring Branch SRX Series for MPLS over IPsec (1500-byte MTU) Published: 2014-12-17 Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, California 94089 USA 408-745-2000

More information

Implementing VPN over MPLS

Implementing VPN over MPLS IOSR Journal of Electronics and Communication Engineering (IOSR-JECE) e-issn: 2278-2834,p- ISSN: 2278-8735.Volume 10, Issue 3, Ver. I (May - Jun.2015), PP 48-53 www.iosrjournals.org Implementing VPN over

More information

Virtual Private Networks. Juha Heinänen jh@song.fi Song Networks

Virtual Private Networks. Juha Heinänen jh@song.fi Song Networks Virtual Private Networks Juha Heinänen jh@song.fi Song Networks What is an IP VPN? an emulation of private (wide area) network facility using provider IP facilities provides permanent connectivity between

More information